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Amendments to the Claims 

Kindly add new claims 1 1-20, and amend claims 1, 3 and 7-10, as set forth below. In 
compliance with the Revised Amendment Format published in the Official Gazette on 
February 25, 2003, a complete listing of claims is provided herein. The changes in the 
amended claims are shown by strikethrough (for deleted matter) and underlining (for added 
matter). 

1 . (Currently Amended) A method for providing security services in a clustered 
data processing environment, said method comprisin g th e s teps of : 

providing an acc es s program lay e r on at least two data proc e ssing nod e s of 
said clustered e nvironm e nt, soid lay e r pres e nting a con s ist e nt ooourity int e rfac e , from 
at l e ast two of s aid nodes to two at l e ast two typos of security program modul e which 
implement a s e curity service on different nod e s within said olustor, to applications 
which - run on s ai d nod e s and which acces s a s ame one of said at least two typ e s of 
s e curity program modul e s on diff e r e nt nodes, through said consistent interface; and 

providing at least on e adaptor module for oaoh s e curity program module, 
wh e r e in said at least on e adapt e r modul e map s parameters of said s e curity servic e to 
said security intorfaoo 3 whereby applications running on diff e r e nt nod e s do not 
require modification to us e diff e r e nt security program modules, providing an access 
program layer on one data processing node running an application client and another 
data processing node running an application server, said access program layer 
presenting a consistent security interface to said application client and said 
application server, said consistent security interface representing a security 
mechanism common to said application client and said application server, wherein 
said application client has one set of security mechanisms available thereto and said 
application server has another set of security mechanisms available thereto, and 
wherein at least one of the one set of security mechanisms and the another set of 
security mechanisms comprises a plurality of security mechanisms: and 
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providing an adapter module for the common security mechanism, said 
adapter module mapping one or more parameters of a security service implemented 
by the common security mechanism to said consistent security interface, whereby 
a pplications running on the one data processing node and the anotheT data processing 
node do not require modification to use different security mechanisms. 

2. (Original) The method of claim 1 in which there are a plurality of more than 
two of said data processing nodes. 

3. (Currently Amended) The method of claim 1 in which th e re ar e each set of 
security mechanisms comprises a plurality of security program modul e s m echanisms . 

4. (Original) The method of claim 1 in which there are a plurality of said 
adapter modules. 

5. (Original) The method of claim 1 in which said access program layer inc ludes 
authentication and authorization services through said security interface. 

6. (Original) The method of claim 1 in which said access program layer includes 
access control services through said security interface. 

7. (Currently Amended) The method of claim 6 in which said access control list 
services i ncludes entries grouped by at least one characteristic selected from the group 
consisting of type, mechanism, identity and permission bit mask. 

8. (Currently Amended) The method of claim 1 in which said access program 
layer loads one or more security program modules identified through said security interface. 

9. (Currently Amended) A computer readable medium having computer 
executable instructions causing a computer to provide an acc ess program layer on at lea/it two 
data ■processing-nedes of oaid clust e r e d e nvironm e nt, oaid layer pre s enting a consi s tent 
seourity interface, from at least two of said nod es to two at least two types of security 
program modulo which - implement a s e curity servic e on different nodes within ;mid clugrer, to 
applications which run on said nodes and which access a same one of said at least two types 
of security program modul e on diff e r e nt nod e s, through said consistent int e rface; and to 
provide at least on e adaptor modul e for each security program module, wherein said at least 
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one adapter module maps parameters of odd security service? to said security interfac e , 
wher e by applications running on different nodes do not requir e modification to us e differ e nt 
security program modul e s, an access program layer on one data processing node running an 
a pplication client and another data processing node running an application server, said access 
program layer presenting a consistent security interface to said application client and said 
a pplication server, said consistent security interface representing a security mechanism 
common to said application client and said application server, wherein said application client 
has one set of security mechanisms available thereto and said application server has another 
set of security mechanisms available thereto, and wherein at least one of the one set of 
security mechanisms and the another set of security mechanisms comprises a plurality of 
security mechanisms; and to provide an adapter module for the common security mechanism, 
said adapter module mapping one or more parameters of a security service implemented by 
the common security mechanism to said consistent security interface, whereby applications 
running on the one data processing node and the another data processing node do not require 
modification to use different security mechanisms. 

10. (Currently Amended) A multinode data processing system whose memory 
contains programming to provide an access program layer on at least two data proocooin g 
nodes of said cluster e d e nvironment, said lay e r pr e senting a consist e nt security interfac e , 
from at l e ast two of said nodes to two at l e ast two typ e s of s e curity program modulo whioh 
implem e nt a s ee urk y se rvice on differ e nt nodes within said cluster, to applications which run 
on said nod e s and which aoocsa a same on e of said at l e ast two types of security program 
modulo on different nodes, through said consi s tent int e rface; and to provide at l e ast one 
adapter module for each security program modul e , wher e in said at least one adapter module 
maps parameters of said security service to said se curity interface, wherein applications 
ru nning on differ e nt nodes do not rcquiro modification to us e diff e r e nt security program 
modules, an access program layer on one data processing node running an application client 
and another data processing node running an application server, said access program layer 
presenting a consistent security interface to said application client and said application 
server, said consistent security interface representing a security mechanism common to said 
a pplication client and said application server, wherein said application client has one set of 
security mechanisms available thereto and said application server has another set of security 
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mechanisms available thereto, and wherein at least one of the one set of security mechanisms 
and the another set of security mechanisms comprises a plurality of security mechanisms; 
and to provide an adapter module for the common security mechanism, said adapter module 
mapping one or more parameters of a security service implemented by the common security 
mechanism to said consistent security interface, whereby applications running on the one 
data processing node and the another data processing node do not require modification to use 
different security mechanisms. 

1 1 . (New) The method of claim 1 , further comprising using the access program 
layer by the application client and the application server to determine one or more security 
mechanisms of the one set of security mechanisms and the another set of security 
mechanisms that are common to the application client and the application server, and to 
negotiate between themselves which security mechanism of the one or more common 
security mechanisms is to be used as the common security mechanism. 

12. (New) The method of claim 1, further comprising providing at least one 
adapter module for each security mechanism of the one set of security mechanisms and the 
another set of security mechanisms. 

13. (New) A method for providing security services in a clustered data processing 
environment, said method comprising: 

providing an access program layer on at least two data processing nodes of 
said clustered environment, said layer presenting a consistent security interface, from 
at least two of said nodes to at least two types of security program modules which 
implement a security service on different nodes within said cluster, to applications 
which run on said nodes and which access a same one of said at least two types of 
security program modules on different nodes, through said consistent interface; and 

providing at least one adapter module for each security program module, 
wherein said at least one adapter module maps parameters of said security service to 
said security interface, whereby applications running on different nodes do not 
require modification to use different security program modules. 
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14. (New) The method of claim 13 in which there are a plurality of more than 
two of said data processing nodes. 

15. (New) The method of claim 13 in which each set of security mechanisms 
comprises a plurality of security mechanisms. 

16. (New) The method of claim 13 in which there are a plurality of said adapter 
modules. 

17. (New) The method of claim 13 in which said access program layer includes 
authentication and authorization services through said security interface. 

18. (New) The method of claim 13 in which said access program layer includes 
access control services through said security interface. 

19. (New) The method of claim 6 in which said access control services includes 
entries grouped by at least one characteristic selected from the group consisting of type, 
mechanism, identity and permission bit mask. 

20. (New) The method of claim 1 in which said access program layer loads one 
or more security program modules identified through said security interface. 
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